8a6520b51c2cc7fe8c50105526fc7e3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a6520b51c2cc7fe8c50105526fc7e3f_JaffaCakes118
Size

174KB
MD5

8a6520b51c2cc7fe8c50105526fc7e3f
SHA1

7aab18cc252593129324294fcbb36e55f7c7118d
SHA256

737bab51a86fe5bae7215da402bc170f30aeb5b9ff67fdc3a15e712defcd3f93
SHA512

99433b6e7c7df821890421bda94eb9a1b8de0466385331cefef04232b49c86eb0388547e4703faff7c508071fb7424f8282dc3c2e22e6cdc27012b0cdb1ec630
SSDEEP

3072:nv2/6swQbbQvvT7zA4r3EZTnXFYhzRpAJga5H0HQYXd5o31w7uNp:O/BXQ/zd3g1YhdpO0Zj4fD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a6520b51c2cc7fe8c50105526fc7e3f_JaffaCakes118

Files

8a6520b51c2cc7fe8c50105526fc7e3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f378ec3e53799a50e84a2a49cb833550

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW
WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSRegisterSessionNotification

kernel32

GetEnvironmentVariableA
SystemTimeToFileTime
LoadLibraryW
GetProcessHeap
GetSystemTimeAsFileTime
HeapDestroy
HeapFree
GetCurrentProcessId
SetUnhandledExceptionFilter
MultiByteToWideChar
HeapAlloc
QueryPerformanceCounter
WideCharToMultiByte
GetSystemTime
GetACP
CreateFileW
GetTickCount
CloseHandle
Sleep
LoadLibraryExW
GetModuleHandleA
UnhandledExceptionFilter
EnumResourceTypesW
RaiseException
GetThreadLocale
GetStartupInfoA
HeapReAlloc
HeapFree
lstrlenA
InterlockedExchange
InterlockedCompareExchange
GetCurrentProcess
CompareFileTime
lstrlenW
GetLocaleInfoA
GetStdHandle
IsDebuggerPresent
LocalAlloc
CreateProcessA
TerminateProcess
HeapSize
GetCurrentThreadId
WriteFile
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ